The RBS banking group has revealed it suffered a cyber attack on its online services that left customers struggling to log on for nearly an hour – just as monthly pay cheques were arriving in accounts.

The group, which boasts 6.5m customers under the NatWest, RBS and Ulster brands, said it was the victim of a deliberate surge in internet traffic, called “Distributed Denial of Service”. This floods a company’s site with millions of requests, potentially bringing it to a standstill. The “distributed” version of a cyber attack involves thousands of computers under the control of one attacker.

RBS said the attack on Friday lasted 50 minutes and although it inconvenienced customers it stressed that it did not compromise accounts or put customers at risk.

The bank said it did not know the identity of the perpetrators or why they had chosen to attack the bank. However, it is the second time RBS has been the victim of a DDoS. In December 2013 its systems were also targeted by cyber criminals over parts of a Thursday night and a Friday lunchtime.

First signs of the attack emerged when angry customers took to Twitter to accuse the bank of another IT disaster.

NatWest initially told customers over Twitter: “We are aware of an issue with our online banking service, our tech team is looking into this as a matter of urgency.”

After lunchtime it said the problem had been resolved and that services were now running normally. A few hours later it revealed that it had been caused by a DDoS.

But coming so soon after the last IT outage, the access problems left many customers venting their anger over Twitter.

Natwest IT problems

RBS said the attack lasted under an hour, but some customers said they had problems accessing their accounts early on Friday morning, as they were trying to log on and check their pay had gone into their accounts.

Natwest IT problems
Natwest IT problems

It is the fifth time in the last three years that RBS NatWest has had problems with its online banking service, and the second in six weeks.